For OpsMgr quite some people use the local system account as their Action Account. And if things are not working as expected you sometimes want to run a script or other actions under the local system account. I used to use the Task Scheduler to have scripts running under the Local System Account, but now I learned you can easily use the PSExec tool of SysInternals to do the same:-)
How does this work?
You can download the tool and install it on the systems you want to do your troubleshooting or just use the live share on http://live.sysinternals.com/
I created a quick and dirty PowerShell script that writes the owner of the PowerShell process to the PowerShell eventlog.
############################################################################################## # Write Owner of PowerShell Process to PowerShell Eventlog # Authors: Stefan Stranger # ScriptName: UserAccountDebugging.ps1 # v1.000 - 24/03/2010 - stefstr - initial sstranger's release (quick & dirty version)##############################################################################################
############################################################################################## #Function Write-EventLog($Description) # #Writes Owner of PowerShell process to PowerShell Eventlog. ############################################################################################## function Write-EventLog($Description) { $source = "PowerShell(PowerShell)" [string]$type = "Information" [int]$eventid = 999 if(![System.Diagnostics.EventLog]::SourceExists($source)) { [System.Diagnostics.EventLog]::CreateEventSource($source,'Windows PowerShell') } else { $log = New-Object System.Diagnostics.EventLog $log.set_log("Windows PowerShell") $log.set_source($source) $log.WriteEntry($Description,$type,$eventid) }
}
$processes = Get-WmiObject Win32_Process -Filter "name='powershell.exe'" $appendedprocesses = foreach ($process in $processes) {Add-Member -MemberType NoteProperty -Name Owner -Value ($process.GetOwner().User) -InputObject $process -PassThru} $owners = ($appendedprocesses | select owner) foreach ($owner in $owners) { $evtdescription = "PowerShell process is being run under the next account: " + $owner.Owner Write-EventLog $evtdescription }
# Do whatever you wanted to do in the PowerShell script for your OpsMgr environent
Write-Host "Hello World"
Save above script as UserAccountDebugging.ps1.
If we run the above script with our logged on user account we get the next result:
Result in Eventviewer
Now let’s start PSExec and run the PowerShell script with the local system account.
Open Command prompt (as Administrator) and type: psexec –i –d –s powershell.exe
Now a new PowerShell Window will be opened as Local System Account.
Let’s now run the PowerShell script again and check the owner of the PowerShell process. Close all PowerShell sessions first ;-)
Have fun using PSExec to debug OpsMgr Permissions issues with the local system account.